---
# Tasks to set up yubikey_verifier

- name: install needed packages
  package: name={{ item }} state=present
  with_items:
  - yubikey-ksm
  - yubikey-val
  - php-pgsql
  tags:
  - packages

- name: install /etc/ykksm/ykksm-config.php and /etc/ykval/ykval-config.php
  template: src={{ item.file }}
            dest={{ item.dest }}
            owner=apache group=apache mode=0640
  with_items:
  - { file: ykksm-config.php, dest: /etc/ykksm/ykksm-config.php }
  - { file: ykval-config.php, dest: /etc/ykval/ykval-config.php }

- name: symlink the configuration files to /usr/share/...
  file: src={{item.file}} dest={{ item.dest }} state=link
  with_items:
  - {file: /etc/ykval/ykval-config.php, dest: /usr/share/ykval/ykval-config.php }
  - {file: /etc/ykksm/ykksm-config.php, dest: /usr/share/ykksm/ykksm-config.php }

- name: install the apache configuration files
  copy: src={{ item.file }}
        dest={{ item.dest}}
  with_items:
  - { file: yk-ksm.conf, dest: /etc/httpd/conf.d/yk-ksm.conf }
  - { file: yk-val.conf, dest: /etc/httpd/conf.d/yk-val.conf }

- name: enable httpd_can_network_connect selinux boolean
  seboolean: name=httpd_can_network_connect state=yes persistent=yes
  tags:
  - config

